Network/VPN/Windows: Difference between revisions
No edit summary |
No edit summary |
||
(46 intermediate revisions by 7 users not shown) | |||
Line 1: | Line 1: | ||
The UMIACS VPN is accessible through the Ivanti Connect Secure Client. Alternatively, you can establish a connection through a [https://vpn.umiacs.umd.edu/ web browser], but this may fail if you have an outdated version of Ivanti Secure already installed. | |||
'''NOTE: If your computer has an ARM-based processor, you will need a different installer than the standard Windows one. Please refer to the [[#Connecting through the Pulse Secure client (for computers WITH ARM processors)|instructions below]].''' | |||
==Prerequisites== | ==Prerequisites== | ||
* Device enrolled with [[Duo | UMIACS Duo]] | * A [[Accounts#UMIACS_Account | full UMIACS account]] | ||
* Device enrolled with [[Duo | UMIACS Duo]] for multi-factor authentication | |||
* An established network connection (wired or wireless) | |||
== Connecting through the | ==Connecting through the Ivanti Secure client== | ||
#'''Download the client:''' | # '''Download the client:''' | ||
#:[[Media: | #: [[Media:PulseSecure22.7.3.x64.msi|Windows 64 bit Pulse Secure Client]] | ||
#: ''Upon starting the client for the first time it may ask to upgrade the client. This will pull an up to date version of the client with the most recent configuration.'' | |||
#:''Upon starting the client for the first time it may ask to upgrade the client. This will pull an up to date version of the client with the most recent configuration.'' | # '''Start the client if it is not already running - it usually starts by default on bootup.''' | ||
#'''Start the client if it is not already running - it usually starts by default on bootup.''' | #: [[Image:Network VPN Windows Snip1.png|thumb|center|280px|[Windows] Start the client from the Start Menu.]] | ||
#:[[Image: | # '''If the client is already running, double click its icon from the status bar.''' | ||
#'''If the client is already running, double click its icon from the status bar.''' | #: [[Image:Network VPN Windows Snip2.png|thumb|center|280px|[Windows] Double click its status icon to open.]] | ||
#:[[Image: | # '''and click 'Add' (+) under the connection section.''' | ||
#'''and click 'Add' (+) under the connection section.''' | #: [[Image:Network VPN Windows Snip3.png|thumb|center|280px|[Windows] Click the 'Add' (+) button to create a new connection.]] | ||
#:[[Image: | # '''Enter a name for your VPN connection and the server URL 'vpn.umiacs.umd.edu'''' | ||
#'''Enter a name for your VPN connection and the server URL 'vpn.umiacs.umd.edu'''' | #: [[Image:Network VPN Windows Snip4.png|thumb|center|280px|[Windows] Enter the name of the VPN server.]] | ||
#:[[Image: | # '''Enter your UMIACS credentials and hit connect.''' | ||
#'''Enter your UMIACS credentials and hit connect.''' | #: [[Image:Network VPN Windows Snip5.png|thumb|center|280px|[Windows] Enter UMIACS credentials.]] | ||
#:[[Image: | # '''Enter Secondary Password for [[Network/VPN/MFA | MFA]]. For example, if you wish to push a notification to your device, type the word "push" into the secondary password box.''' | ||
#'''Enter Secondary Password for [[Network/VPN/MFA | MFA]]''' | |||
:::[[Image: | :::[[Image:Network VPN Windows Snip6.png|thumb|center|280px|[Windows] Enter Secondary Password.]] | ||
::The Pulse VPN multi-factor authentication implementation relies on a secondary authentication source to fulfill the MFA requirement. As a result, you will be prompted for credentials twice. | ::The Pulse VPN multi-factor authentication implementation relies on a secondary authentication source to fulfill the MFA requirement. As a result, you will be prompted for credentials twice. | ||
Line 44: | Line 42: | ||
|} | |} | ||
::Please note that registering a YubiKey for use with the VPN requires interaction with UMIACS Tech Staff. Please [[HelpDesk | contact us]] if you would like to register a YubiKey for this purpose. | :: Please note that registering a YubiKey for use with the VPN requires interaction with UMIACS Tech Staff. Please [[HelpDesk | contact us]] if you would like to register a YubiKey for this purpose. | ||
{{Note|<b>Pro-tip:</b> Select ‘Save Settings’ on the secondary authentication prompt to have Duo automatically use your preferred method.}} | |||
You should now be connected to the UMIACS VPN. | |||
'''Please note, 32-bit clients are no longer supported by Ivanti!''' | |||
==Connecting through the Ivanti Secure client (ARM processors)== | |||
ARM processors cannot natively run x64 or x86 programs without special emulation. However, not all x86 programs run smoothly even with emulation. As such, the best course of action for these sorts of machines is using the version of Pulse Secure that is specifically made for ARM processors. | |||
# '''Download the client:''' | |||
#: [[Media:PulseSecure22.7.3.ARM64.msi|Windows 64 bit ARM Pulse Secure Client]] | |||
#: ''Upon starting the client for the first time it may ask to upgrade the client. This will pull an up to date version of the client with the most recent configuration.'' | |||
# '''Follow all post-download steps in the above section.''' | |||
==Checking VPN Status== | ==Checking VPN Status== | ||
# In the bottom right hand corner, in your status bar, you should see an S icon. If there's a green arrow, that means you are connected! If there is nothing, that means you are not. | # In the bottom right hand corner, in your status bar, you should see an S icon. If there's a green arrow, that means you are connected! If there is nothing, that means you are not. | ||
#:[[Image: | #: [[Image:Network_VPN_Windows_Snip7.png|thumb|center|500px|]] | ||
# You can hover over this icon and it will show you the status of your connection. | # You can hover over this icon and it will show you the status of your connection. | ||
#:[[Image: | #: [[Image:Network_VPN_Windows_Snip8.png|thumb|center|500px|]] | ||
Latest revision as of 15:26, 12 September 2024
The UMIACS VPN is accessible through the Ivanti Connect Secure Client. Alternatively, you can establish a connection through a web browser, but this may fail if you have an outdated version of Ivanti Secure already installed.
NOTE: If your computer has an ARM-based processor, you will need a different installer than the standard Windows one. Please refer to the instructions below.
Prerequisites
- A full UMIACS account
- Device enrolled with UMIACS Duo for multi-factor authentication
- An established network connection (wired or wireless)
Connecting through the Ivanti Secure client
- Download the client:
- Windows 64 bit Pulse Secure Client
- Upon starting the client for the first time it may ask to upgrade the client. This will pull an up to date version of the client with the most recent configuration.
- Start the client if it is not already running - it usually starts by default on bootup.
- If the client is already running, double click its icon from the status bar.
- and click 'Add' (+) under the connection section.
- Enter a name for your VPN connection and the server URL 'vpn.umiacs.umd.edu'
- Enter your UMIACS credentials and hit connect.
- Enter Secondary Password for MFA. For example, if you wish to push a notification to your device, type the word "push" into the secondary password box.
- The Pulse VPN multi-factor authentication implementation relies on a secondary authentication source to fulfill the MFA requirement. As a result, you will be prompted for credentials twice.
Second Credential Password Value: Result push Send a push verification to your Duo connected device phone Send a call verification to your Duo connected device. <press YubiKey> If you have a physical token then you would press the YubiKey for the one time password.
- Please note that registering a YubiKey for use with the VPN requires interaction with UMIACS Tech Staff. Please contact us if you would like to register a YubiKey for this purpose.
Pro-tip: Select ‘Save Settings’ on the secondary authentication prompt to have Duo automatically use your preferred method. |
You should now be connected to the UMIACS VPN.
Please note, 32-bit clients are no longer supported by Ivanti!
Connecting through the Ivanti Secure client (ARM processors)
ARM processors cannot natively run x64 or x86 programs without special emulation. However, not all x86 programs run smoothly even with emulation. As such, the best course of action for these sorts of machines is using the version of Pulse Secure that is specifically made for ARM processors.
- Download the client:
- Windows 64 bit ARM Pulse Secure Client
- Upon starting the client for the first time it may ask to upgrade the client. This will pull an up to date version of the client with the most recent configuration.
- Follow all post-download steps in the above section.
Checking VPN Status
- In the bottom right hand corner, in your status bar, you should see an S icon. If there's a green arrow, that means you are connected! If there is nothing, that means you are not.
- You can hover over this icon and it will show you the status of your connection.